{"vulnerability": "CVE-2024-4248", "sightings": [{"uuid": "9adaff3e-7fa8-4be7-8772-d8e2da67724b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42484", "type": "seen", "source": "https://t.me/cvedetector/5491", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42484 - \"ESP-NOW Group Type Message Out-of-Bound Read\"\", \n  \"Content\": \"CVE ID : CVE-2024-42484 \nPublished : Sept. 12, 2024, 3:18 p.m. | 17\u00a0minutes ago \nDescription : ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrs_num field of the group type message. This can result in memory corruption related attacks. Normally there are two fields in the group information that need to be checked, i.e., the addrs_num field and the addrs_list fileld. Since we only checked the addrs_list field, an attacker can send a group type message with an invalid addrs_num field, which will cause the message handled by the firmware to be much larger than the current buffer, thus causing a memory corruption issue that goes beyond the payload length. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-12T17:42:43.000000Z"}, {"uuid": "7872d9bb-843e-4781-92a6-3b3b0a237e3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42483", "type": "seen", "source": "https://t.me/cvedetector/5490", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42483 - Espressif Systems ESP-NOW Replay Attacks Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42483 \nPublished : Sept. 12, 2024, 3:18 p.m. | 17\u00a0minutes ago \nDescription : ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are broadcast or unicast, and regardless of whether they are ciphertext or plaintext. This can result an attacker to clear the cache of its legitimate entries, there by creating an opportunity to re-inject previously captured packets. This vulnerability is fixed in 2.5.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-12T17:42:42.000000Z"}, {"uuid": "29e644d6-c1f8-4391-870a-bfbe847d8c35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42489", "type": "seen", "source": "https://t.me/cvedetector/2862", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42489 - Pro Macros XWiki RCE\", \n  \"Content\": \"CVE ID : CVE-2024-42489 \nPublished : Aug. 12, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like Viewppt are vulnerable to the same kind of attack. This vulnerability is fixed in 1.10.1. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T19:17:37.000000Z"}, {"uuid": "0c3633b9-3a1e-49af-b13a-bf9029a24942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42487", "type": "seen", "source": "https://t.me/cvedetector/3293", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42487 - Cilium Inconsistent Gateway API Route Matching\", \n  \"Content\": \"CVE ID : CVE-2024-42487 \nPublished : Aug. 15, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular, request headers are matched before request methods, when the specification describes that the request methods must be respected before headers are matched. This could result in unexpected behaviour with security This issue is fixed in Cilium v1.15.8 and v1.16.1. There is no workaround for this issue. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T00:20:28.000000Z"}, {"uuid": "ee5977e6-e15a-4e13-9661-eda3796acf7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42488", "type": "seen", "source": "https://t.me/cvedetector/3292", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42488 - Cilium CiliumClusterwideNetworkPolicy Bypass due to Agent Race Condition\", \n  \"Content\": \"CVE ID : CVE-2024-42488 \nPublished : Aug. 15, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.14.14 and 1.15.8, a race condition in the Cilium agent can cause the agent to ignore labels that should be applied to a node. This could in turn cause CiliumClusterwideNetworkPolicies intended for nodes with the ignored label to not apply, leading to policy bypass. This issue has been patched in Cilium v1.14.14 and v1.15.8 As the underlying issue depends on a race condition, users unable to upgrade can restart the Cilium agent on affected nodes until the affected policies are confirmed to be working as expected. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T00:20:27.000000Z"}, {"uuid": "ce6d82be-fd8f-41d7-9991-6edc96a919bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42486", "type": "seen", "source": "https://t.me/cvedetector/3349", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42486 - Cilium Reference Grant Propagation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42486 \nPublished : Aug. 16, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway resources being able to access secrets for longer than intended, or to Routes having the ability to forward traffic to backends in other namespaces for longer than intended. This issue has been patched in Cilium v1.15.8 and v1.16.1. As a workaround, any modification of a related Gateway/HTTPRoute/GRPCRoute/TCPRoute CRD (for example, adding any label to any of these resources) will trigger a reconciliation of ReferenceGrants on an affected cluster. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:54:13.000000Z"}, {"uuid": "94dfbce3-9550-4d0b-81dc-f4b4824823f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42480", "type": "seen", "source": "https://t.me/cvedetector/2865", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42480 - Kamaji Kubernetes RBAC Role Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-42480 \nPublished : Aug. 12, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an \"open at the top\" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed in edge-24.8.2. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T19:17:43.000000Z"}, {"uuid": "14b0893a-8768-4bc2-b146-90868c8177cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42481", "type": "seen", "source": "https://t.me/cvedetector/2864", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42481 - Skyport Daemon - Denial of Service/Resource Consumption\", \n  \"Content\": \"CVE ID : CVE-2024-42481 \nPublished : Aug. 12, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T19:17:39.000000Z"}, {"uuid": "a6aea772-2f85-48b8-ae00-cbd5e199dea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42485", "type": "seen", "source": "https://t.me/cvedetector/2861", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42485 - Filament Excel Local File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-42485 \nPublished : Aug. 12, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Filament Excel enables excel export for Filament admin resources. The export download route `/filament-excel/{path}` allowed downloading any file without login when the webserver allows `../` in the URL.  Patched with Version v2.3.3. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T19:17:36.000000Z"}, {"uuid": "85418971-2063-43fa-b0c8-ca372cee6387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42482", "type": "seen", "source": "https://t.me/cvedetector/2858", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42482 - Fish-shop Syntax-Check Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42482 \nPublished : Aug. 12, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the `pattern` input (specifically the command separator `;` and command substitution characters `(` and `)`) mean that arbitrary command injection is possible by modification of the input value used in a workflow. This has the potential for exposure or exfiltration of sensitive information from the workflow runner, such as might be achieved by sending environment variables to an external entity. It is recommended that users update to the patched version `v1.6.12` or the latest release version `v2.0.0`, however remediation may be possible through careful control of workflows and the `pattern` input value used by this action. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T19:17:33.000000Z"}]}